Using the Keychain Application on a Remote Machine

The same result in my case with TeamViewer Remote Control.

You need to press phisically the mouse of the machine.

Josemaría

I have this problem too.

I had to upgrade to El Capitan because Bots weren't working properly in the Xcode Server build (and googling around said upgrading would fix the problem).

Upgrading DID fix that problem, but basically broke the system entirely, because I can't import my signing credentials into the System keychain, because I can't click on Accept or Accept All. So essentially my OS X server (which is remotely hosted) is now useless.

I understand Apple did what they did, but I need a solution for this very valid use case.

I can confirm this behavior as I just attempted to install Office 365 apps on a remote machine via ARD. I was able to authorize the first app during the install process, but subsequent Office apps wanted access to the keychain item and no amount of clicking remotely could get it to work. I physically went to the machine and clicked the mouse attached and it worked.

This is a huge show stopper for rolling out Office 365 to our users. ARD is basically worthless now as an admin tool for user workstations. It's even more useless for remotely located servers which don't even have keyboards/mice attached to them.

I'm not sure if this will help anyone, but in my case (using a bunch of mac minis as jenkins build agents to create ios adhoc builds and sign with the appropriate adhoc certificate), I was able to:

(on the computer itself)

- open up keychain assisstant

- navigate to the private key which is used to sign the various certificates

- do a Get Info

- set the key to allow all applications to access it

- click the ok/allow button

Now any certificate that needs the private key to sign will automatically have permission to do so. Sure there are security issues with this solution, but in my case all the hardware is behind multiple firewalls so I figure the risk is pretty minimal.

FYI: I did open a support ticket with Apple regarding this issue.

Furthermore, local mouse clicks on a keychain access dialog will not register if an ARD session is currently active either. You have to disconnect the ARD session, then the local user can click on allow.

Warning: if the client machine has screen lock enabled (i.e. "Require password after ... sleep or screen saver" is checked in Security & Privacy > General) you can end up locking out the end user even AFTER disconnecting the ARD session.

I had this exact situation happen when on the phone with Apple Support. The lock screen would not accept any keyboard/mouse input. A remote "restart" had to be issued via ARD (yes, the end user would have lost all unsaved work). There was a keychain dialog box up on the screen when the ARD session was terminated, not sure if that is what caused the lockout.

Hello everyone!

Can somebody check this case on OS X Server? Maybe this problem not appears on server version of OS X.

There is no longer a "server version of OS X". I can, however, confirm that this issue is also occurring on OS X 10.11.3 with the Server.app installed.